This PR enables users to be able to define the host-header-allowlist in the configuration file. At the moment, if you attempt to set these values in the configuration file, they are not propagated to the variables used in the middleware due to how viper's marshaling works.
I would also propose that we remove the enable-host-header-allowlist flag from the configuration entirely as we can infer that this is what the user wants to do if host-header-allowlist configured. It can be a little confusing to define the list, but not have it actually take effect.
This PR enables users to be able to define the
host-header-allowlist
in the configuration file. At the moment, if you attempt to set these values in the configuration file, they are not propagated to the variables used in the middleware due to how viper's marshaling works.I would also propose that we remove the
enable-host-header-allowlist
flag from the configuration entirely as we can infer that this is what the user wants to do ifhost-header-allowlist
configured. It can be a little confusing to define the list, but not have it actually take effect.